fix: namespace should default to html

not previous namespace

Author: NateScarlet

dist/purify.cjs.js

@@ -384,7 +384,7 @@ function createDOMPurify(window = getGlobal()) {
     KEEP_CONTENT = cfg.KEEP_CONTENT !== false; // Default true
     IN_PLACE = cfg.IN_PLACE || false; // Default false
     IS_ALLOWED_URI = cfg.ALLOWED_URI_REGEXP || IS_ALLOWED_URI;
-    NAMESPACE = cfg.NAMESPACE || NAMESPACE;
+    NAMESPACE = cfg.NAMESPACE || HTML_NAMESPACE;
     if (SAFE_FOR_TEMPLATES) {
       ALLOW_DATA_ATTR = false;
     }

dist/purify.cjs.js.map

@@ -1615,4 +1615,23 @@ module.exports = function (DOMPurify, window, tests, xssTests) {
       assert.contains(clean, test.expected);
     });
   });
+
+  QUnit.test('Test namespace default to html after other namespace been used', function (assert) {
+    var tests = [
+      {
+        test: '<br>',
+        config: { NAMESPACE: 'http://www.w3.org/2000/svg' },
+        expected: [''],
+      },
+      {
+        test: '<br>',
+        config: { },
+        expected: ['<br>'],
+      },
+    ];
+    tests.forEach(function (test) {
+      var clean = DOMPurify.sanitize(test.test, test.config);
+      assert.contains(clean, test.expected);
+    });
+  });
 };